﻿<?php

$user_name = $_POST["username"];
$user_pwd = $_POST["password"];
if($user_name=="" || $user_pwd=="")
{
    echo '<script>alert("请输入用户名或密码！");
                   history.go(-1);
           </script>';	//分开写？
}
else
{
    require("Include/conn.php");
    $sql = "SELECT `user_id`,`user_name`,`user_pwd` FROM `pw_user` WHERE `user_name`='$user_name' and `user_pwd`='$user_pwd';";	//注意分号
    $result_array= mysqli_fetch_array(mysqli_query($link,$sql));
    if($result_array)
    {
        $user_id=$result_array['user_id'];
        setcookie("user_id",$user_id,time()+3600);
        $href = "user.php?id=".strval($result_array['user_id']);
        echo $href;
        header("Location: $href");
    }
    else
    {
        echo '<script>alert("用户名或密码不正确！");history.go(-1);</script>';
    }
}
?>